CVE-2018-2424 - OpenCVE

SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sap	Hana Database Ui Ui5 Ui5 Java

Configuration 1 [-]

OR	cpe:2.3:a:sap:hana_database:1.00:::::::*
	cpe:2.3:a:sap:hana_database:2.00:::::::*
	cpe:2.3:a:sap:ui:2.0:::::netweaver_7.0::
	cpe:2.3:a:sap:ui:7.40:::::::*
	cpe:2.3:a:sap:ui:7.50:::::::*
	cpe:2.3:a:sap:ui:7.51:::::::*
	cpe:2.3:a:sap:ui:7.52:::::::*
	cpe:2.3:a:sap:ui5:1.00:::::::*
	cpe:2.3:a:sap:ui5_java:7.30:::::::*
	cpe:2.3:a:sap:ui5_java:7.31:::::::*
	cpe:2.3:a:sap:ui5_java:7.40:::::::*
	cpe:2.3:a:sap:ui5_java:7.50:::::::*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/104459
https://launchpad.support.sap.com/#/notes/2538856
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255

History

No history.

MITRE

Status: PUBLISHED

Assigner: sap

Published: 2018-06-12T15:00:00

Updated: 2024-08-05T04:21:33.271Z

Reserved: 2017-12-15T00:00:00

Link: CVE-2018-2424

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-06-12T15:29:00.307

Modified: 2019-10-09T23:40:05.667

Link: CVE-2018-2424

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "SAP HANA Database", "vendor": "SAP SE", "versions": [{"status": "affected", "version": "1.0"}, {"status": "affected", "version": "2.0"}]}, {"product": "SAP UI5", "vendor": "SAP SE", "versions": [{"status": "affected", "version": "1.0"}]}, {"product": "SAP UI5(Java)", "vendor": "SAP SE", "versions": [{"status": "affected", "version": "7.3"}, {"status": "affected", "version": "7.31"}, {"status": "affected", "version": "7.40"}, {"status": "affected", "version": "7.50"}]}, {"product": "SAP UI", "vendor": "SAP SE", "versions": [{"status": "affected", "version": "7.40"}, {"status": "affected", "version": "7.50"}, {"status": "affected", "version": "7.51"}, {"status": "affected", "version": "7.52"}]}, {"product": "SAP UI for SAP NetWeaver 7.00", "vendor": "SAP SE", "versions": [{"status": "affected", "version": "2.0"}]}], "datePublic": "2018-06-12T00:00:00", "descriptions": [{"lang": "en", "value": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00"}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Cross-Site Scripting", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-06-15T09:57:01", "orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "shortName": "sap"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://launchpad.support.sap.com/#/notes/2538856"}, {"name": "104459", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/104459"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"}], "source": {"discovery": "UNKNOWN"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cna@sap.com", "ID": "CVE-2018-2424", "STATE": "PUBLIC", "vendor_name": "SAP SE"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SAP HANA Database", "version": {"version_data": [{"version_affected": "=", "version_value": "1.0"}, {"version_affected": "=", "version_value": "2.0"}]}}, {"product_name": "SAP UI5", "version": {"version_data": [{"version_affected": "=", "version_value": "1.0"}]}}, {"product_name": "SAP UI5(Java)", "version": {"version_data": [{"version_affected": "=", "version_value": "7.3"}, {"version_affected": "=", "version_value": "7.31"}, {"version_affected": "=", "version_value": "7.40"}, {"version_affected": "=", "version_value": "7.50"}]}}, {"product_name": "SAP UI", "version": {"version_data": [{"version_affected": "=", "version_value": "7.40"}, {"version_affected": "=", "version_value": "7.50"}, {"version_affected": "=", "version_value": "7.51"}, {"version_affected": "=", "version_value": "7.52"}]}}, {"product_name": "SAP UI for SAP NetWeaver 7.00", "version": {"version_data": [{"version_affected": "=", "version_value": "2.0"}]}}]}, "vendor_name": "SAP SE"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00"}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Cross-Site Scripting"}]}]}, "references": {"reference_data": [{"name": "https://launchpad.support.sap.com/#/notes/2538856", "refsource": "MISC", "url": "https://launchpad.support.sap.com/#/notes/2538856"}, {"name": "104459", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104459"}, {"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255", "refsource": "CONFIRM", "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"}]}, "source": {"discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T04:21:33.271Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://launchpad.support.sap.com/#/notes/2538856"}, {"name": "104459", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/104459"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"}]}]}, "cveMetadata": {"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "assignerShortName": "sap", "cveId": "CVE-2018-2424", "datePublished": "2018-06-12T15:00:00", "dateReserved": "2017-12-15T00:00:00", "dateUpdated": "2024-08-05T04:21:33.271Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sap:hana_database:1.00:*:*:*:*:*:*:*", "matchCriteriaId": "528C05CB-315F-465C-8C25-EF85AA7D19B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:hana_database:2.00:*:*:*:*:*:*:*", "matchCriteriaId": "4C6CA542-7071-48B6-B135-3AE9B4BB1DC5", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:ui:2.0:*:*:*:*:netweaver_7.0:*:*", "matchCriteriaId": "BAC1FC47-D27B-4D31-B0CB-84CB75B9B314", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:ui:7.40:*:*:*:*:*:*:*", "matchCriteriaId": "6A245CAD-2365-48F5-994D-65658825DA3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:ui:7.50:*:*:*:*:*:*:*", "matchCriteriaId": "FD311636-17EB-4DEA-8A9B-9539B4B43C3F", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:ui:7.51:*:*:*:*:*:*:*", "matchCriteriaId": "2AE480CB-D830-42D5-B297-3D5874AEFA36", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:ui:7.52:*:*:*:*:*:*:*", "matchCriteriaId": "830F67FF-0DEA-4B07-A3E0-CDCD01888DED", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:ui5:1.00:*:*:*:*:*:*:*", "matchCriteriaId": "DFBC9A13-184E-403D-9F4C-435A46A3F92A", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:ui5_java:7.30:*:*:*:*:*:*:*", "matchCriteriaId": "500E7A87-9E8C-464D-9316-F4F2FDECFDA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:ui5_java:7.31:*:*:*:*:*:*:*", "matchCriteriaId": "C959F430-EF52-48FE-838D-40B87019B61D", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:ui5_java:7.40:*:*:*:*:*:*:*", "matchCriteriaId": "FC625547-85B8-4E19-B7DC-32BC25603F3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:ui5_java:7.50:*:*:*:*:*:*:*", "matchCriteriaId": "F01D0C09-61E9-48CE-8440-9513B79845B2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00"}, {"lang": "es", "value": "SAP UI5 no valid\u00f3 las entradas de usuario antes de a\u00f1adirlas a la estructura DOM. Esto podr\u00eda conducir a que se a\u00f1ada al DOM c\u00f3digo JavaScript malicioso proporcionado por el usuario que podr\u00eda robar informaci\u00f3n del usuario. Los componentes de software afectados son: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52 y la versi\u00f3n 2.0 de SAP UI para SAP NetWeaver 7.00"}], "id": "CVE-2018-2424", "lastModified": "2019-10-09T23:40:05.667", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "cna@sap.com", "type": "Secondary"}]}, "published": "2018-06-12T15:29:00.307", "references": [{"source": "cna@sap.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/104459"}, {"source": "cna@sap.com", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://launchpad.support.sap.com/#/notes/2538856"}, {"source": "cna@sap.com", "tags": ["Vendor Advisory"], "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"}], "sourceIdentifier": "cna@sap.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}